How to protect your PC against computer viruses or malware?
You must protect your PC vigilantly against computer viruses and malware including Trojan horses and spyware because they affect not only the operation of your PC but also the performance of the entire campus network and the Internet. It is your responsibility to do the followings.
- Keep your personal firewall turned ON to protect your PC from security threats. Windows 8.1 and Windows 10 Firewall is turned on by default. Anti-Virus software with its own firewall program will disable Windows Firewall.
- Perform Windows Critical Update whenever new Critical Update is available (usually in the second week of a month).
- Install anti-virus software on your PC and update your PC with the virus definition file daily, preferably after your PC is started up (to get the latest virus definition).
- Students can download ONE copy of Sophos Home software from HKU Portal (My Page > Campus Information Services > Central IT Services > Download Sophos Anti-Virus) and install it on a PC for work related to University studies during their stay at the University.
- Staff can also download a copy of Sophos Home for use on their PC if they are using a copy on their departmental PC which is coordinated through ITS.
- Install anti-malware software on your PC and update it with the anti-malware definition file regularly. e.g.
- Microsoft Windows Defender – it is part of Windows 8.1 and Windows 10.
- If your PC is infected with a virus, the virus may disable your PC from accessing anti-virus web sites and so you cannot update your PC with the latest virus definition file. You must use another PC to download the special removal tools and the latest virus definition files (see FAQ).
- Do NOT install peer-to-peer (“P2P”) software because P2P software may auto-download and redistribute other software without authorization and would infringe others’ copyright and make your PC susceptible to network attacks such as port scanning, virus, Trojan horse or spyware.
- Do NOT open suspicious mail or attachment from unknown/suspicious source.
- Do NOT visit suspicious web sites or click on unknown web links.
- Always remember to switch off your PC and monitor when not in use for a prolonged period (e.g. when leaving office or home) to reduce the chance of your PC being attacked and if infected, to attack other computers or the network. This also saves energy and is environmentally friendly by extending the life of the PC.
Avoid storing sensitive and personal data in unprotected devices, especially portable devices
Sensitive and personal data must be stored with password protection and better with encryption on computer and storage devices.
Portable storage devices, e.g. USB flash drives, are easily lost. It could lead to a breach of information security if any sensitive and personal data is stored on them. Please refer to Guidelines on electronic communications and storing personal data on portable storage devices, personally-owned computers and public cloud services for more details.
How to protect your computer accounts and passwords?
- Use a PIN/password of 10-18 characters include combinations of letters (upper and lower case) and digits. For example, think of a sentence which can be easily remembered. Take the first character of each word and make it a password, e.g. Happy birthday to you 2 Winnie the Pooh and Tigger becomes the password Hbty2WtPaT.
- Default passwords and passwords generated by others should be changed promptly.
- Change password periodically to prevent password aging (password may be spied on infected computers).
- Log off system or power cycle after use in public places (e.g. office, school, or cafe).
- Don’t share account with others.
- Don’t disclose your user ID or password to others.
- Don’t give away your user ID or password when completing an on-line form.
- Don’t store your password in the browser, or leave it written around, in particular near the computer.
- Don’t reuse old passwords when change of password is required.
- Avoid using easily guessed passwords or PIN such as names of places, a word from a dictionary, nickname, date of birth, phone numbers, car plate numbers, any string of digits, a person’s name, drama/film character, brand of products, simple patterns of letters on keyboard e.g. ‘qwert’ or a string of all the same letter.
- Change your password regularly.
Be careful of using public PCs
- Avoid accessing personal and sensitive information through the public computers as your passwords and personal information may be revealed.
- Do not use the “remember your password” feature associated with some web sites or browsers.
- Beware of somebody standing nearby watching or even webcam installed to steal your account and password data.
- Clear all history, cookie, and temporary files from the Internet browser.
- Log off or even better shutdown the public computer after use.
- After use, consider changing your password at a trusted computer e.g. your own computer.
Check if there is any malicious email inbox rule
In recent cases of compromised account, some victims reported that their emails were deleted or being forwarded to the hackers. The problem was mostly due to unauthorized email inbox rules set up by the hacker. Please follow the steps below to check whether your mailbox has been injected with such malicious email inbox rules:
Please login HKU Outlook Web Access (https://hkucc1.hku.hk/owa) with your UID and password (which may be the new password provided by the CF-111 request).
Please click on the Gear button and select “Options”.
Please choose “organize email” from the left menu and select “Inbox rules”. If you find any rules which are NOT set up by you, please “TICK” the rules and click the “Trash” button to remove them.
Please also check the missing emails from your “Deleted Items” or “RSS Feeds” folder on the left menu. Please move them all from the “Deleted Items” or “RSS Feeds” folder to your Inbox.
Please go to https://webmail.hku.hk, click “CONNECT.HKU.HK” and login with your HKU Portal UID and PIN.
Please click the Gear button and select “See all settings”.
Click “Filters and Blocked Addresses”. If you find any filtering rules which are NOT set up by you, please “TICK” the rules and click the “Delete” button to remove them.
Click “Forwarding and POP/IMAP”. If you find any forwarding rules which are NOT set up by you, please click the radio button next to “Disable forwarding” and click “Save Changes” at the bottom of the page to disable all email forwarding.
Remove email forwarding rules which are NOT set up by you by clicking the forwarding email addresses and click “Remove ”.